Salam Houchou, Developer in Zürich, Switzerland
Salam is available for hire
Hire Salam

Salam Houchou

Verified Expert  in Engineering

Security Architect and Developer

Zürich, Switzerland

Toptal member since March 15, 2022

Bio

Salam is an IT security architect and consultant in information, cyber, and cloud security. With 20 years of experience, a master's degree in cyber security, and Microsoft Azure, GCP, and AWS security certifications, he excels in designing and implementing initiatives to manage security risks and compliance while maximizing safety and security expectations. Salam is keen on re-organizing, streamlining, and strengthening existing operations by implementing cutting-edge, cost-effective solutions.

Portfolio

Solomon Labs Inc
SOC 2, Security, Amazon Web Services (AWS), Google Cloud Platform (GCP)...
Vizen Analytics, LLC
IT Security, GCP Security, Snowflake, Azure Cloud Security, Advisory...
Colleva, Inc.
IT Security, SecOps, Azure, Security, SOC 2, GDPR, IDS/IPS, SaaS Security...

Experience

  • Security Architecture - 10 years
  • Cybersecurity - 10 years
  • Architecture - 10 years
  • Cloud - 5 years
  • Google Cloud Platform (GCP) - 3 years
  • Amazon Web Services (AWS) - 3 years
  • Azure - 3 years
  • Cloud Security - 3 years

Availability

Full-time

Preferred Environment

Google Cloud Platform (GCP), Application Security, Microsoft Azure, Security Architecture, Information Security, Compliance, SOC 2, AWS Cloud Security, NIST, Risk Assessment

The most amazing...

...project I've worked on is engineering, designing, and implementing information security controls to one of the biggest monitoring platforms in Switzerland.

Work Experience

Security Engineer

2024 - 2024
Solomon Labs Inc
  • Led the implementation and management of cloud infrastructure on GCP and AWS, successfully configuring and optimizing services such as Cloud Run, Cloud Storage, and Compute Engine, resulting in a 30% improvement in operational efficiency.
  • Achieved SOC 2 Type 1 compliance by designing and implementing security, privacy, and access controls across GCP and AWS environments, ensuring adherence to SOC 2 Trust Services Criteria for security and confidentiality. No exceptions were noted.
  • Monitored and enhanced security controls across the cloud infrastructure, using native tools like GCP Security Command Center, AWS GuardDuty, and Cloud Audit Logs, ensuring continuous compliance and security monitoring.
  • Developed and executed cloud data security policies for sensitive information stored in cloud services, implementing encryption at rest and in transit using AWS KMS and GCP Cloud KMS and establishing automated data sanitization processes.
Technologies: SOC 2, Security, Amazon Web Services (AWS), Google Cloud Platform (GCP), Risk Analysis, Risk Assessment, IT Audits, Web Application Firewall (WAF), Cybersecurity Operations, SOC Compliance, Encryption, Logging, Software Development Lifecycle (SDLC)

SecOps Engineer (via Toptal)

2024 - 2024
Vizen Analytics, LLC
  • Created a design for GCP infrastructure using GCP best practices architecture and best security practices.
  • Designed secure connectivity to share data securely between the Snowflake platform and SaaS deployment on GCP.
  • Built a security policy for the company and the security controls for client satisfaction.
Technologies: IT Security, GCP Security, Snowflake, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Azure Active Directory, Amazon EKS, Security Information and Event Management (SIEM), Risk Analysis, Root Cause Analysis, Linux, Penetration Testing, Infrastructure as Code (IaC), APIs, Google Kubernetes Engine (GKE), CMC, Active Directory (AD), Microsoft, Privileged Access Management (PAM), CyberArk, Akamai, Google Workspace, Email, Computer Networking, TCP/IP, Windows, Azure Kubernetes Service (AKS), Audits, Palo Alto Networks, Risk Management, Identity & Access Management (IAM), Application Security, ISO 27002, Financial Services, Data Privacy, AWS Cloud Security, Cloud, AWS Cloud Architecture, SaaS, Firewalls, Google Cloud Platform (GCP), Amazon Web Services (AWS), Cybersecurity Operations, SOC Compliance, Encryption, Logging, Software Development Lifecycle (SDLC), Microsoft Entra

Security Architect (via Toptal)

2024 - 2024
Colleva, Inc.
  • Crafted and implemented a suite of robust security policies tailored to the company's specific needs and industry requirements. These policies covered areas such as data protection, access control, incident response, and risk management.
  • Guided the company through the SOC 2 compliance process from start to finish, ensuring adherence to industry-leading security standards and best practices.
  • Provided expert mentorship and support to internal teams, facilitating their understanding of SOC 2 requirements and helping them implement necessary controls and procedures.
  • Leveraged Azure's built-in security features such as Azure Security Center, Azure Policy, Azure Firewall, and Azure Identity and Access Management (IAM) to enhance visibility, protect against threats, and enforce compliance requirements.
  • Configured Azure Security Center to provide continuous monitoring and threat detection capabilities, allowing for real-time detection of suspicious activities, unauthorized access attempts, and potential security breaches.
  • Implemented a proactive approach to security through continuous improvement and optimization of Azure security controls.
Technologies: IT Security, SecOps, Azure, Security, SOC 2, GDPR, IDS/IPS, SaaS Security, Microsoft Power Apps, Infrastructure Security, Network Architecture, Cloud Infrastructure, CloudOps, IPsec, VPN, Network Engineering, Cloudflare, OpenVPN, AWS Certified Solution Architect, Jira, Confluence, Vulnerability Scanning, Certifications, Data Migration, Kubernetes, Security Advisory, Advisory, Infrastructure, Managed Services, Azure Active Directory, Amazon EKS, Risk Analysis, Root Cause Analysis, Linux, Penetration Testing, Infrastructure as Code (IaC), APIs, Google Kubernetes Engine (GKE), CMC, Active Directory (AD), Microsoft, Microsoft Identity Manager, Privileged Access Management (PAM), CyberArk, Akamai, Google Workspace, Email, Computer Networking, TCP/IP, Windows, Azure Kubernetes Service (AKS), Audits, Risk Management, Identity & Access Management (IAM), Application Security, ISO 27002, Data Privacy, SQL, Forensics, AWS Cloud Security, Cloud, AWS Cloud Architecture, SaaS, Firewalls, Google Cloud Platform (GCP), Amazon Web Services (AWS), Cybersecurity Operations, SOC Compliance, Encryption, Logging, Software Development Lifecycle (SDLC), Microsoft Entra

Enterprise Security Engineer (via Toptal)

2022 - 2023
Databricks - Security Team (UK)
  • Strengthened, validated, and guided the implementation of security best practices across the business, focusing expertise on using processes and systems and how to use them to promote safe practices.
  • Defined and developed the organization's approach to corporate assets and worked to ensure their security and availability.
  • Documented security standards that IT teams can implement and use their SaaS apps for hardening.
  • Architected security controls for SaaS integrations against security frameworks.
  • Provided security controls for diverse applications and infrastructure in multi-cloud environments, including AWS, Azure, and GCP.
Technologies: Security, NIST, Amazon Web Services (AWS), ISO 27001, Okta, SecOps, IT Security, FedRAMP, IP Networks, Security Engineering, Vulnerability Management, Threat Modeling, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Database Security, Cybersecurity, Web Security, Web App Security, Google Cloud, Single Sign-on (SSO), SOC 2, System Administration, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Zero Trust, SAML, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Microsoft 365, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, OpenID, OAuth, Terraform, Data Loss Prevention (DLP), Azure Cloud Services, GCP Security, SaaS Security, Microsoft Power Apps, Network Architecture, Cloud Infrastructure, CloudOps, IPsec, VPN, Network Engineering, Cloudflare, OpenVPN, AWS Certified Solution Architect, Confluence, Vulnerability Scanning, Certifications, Data Migration, Kubernetes, Security Advisory, Azure Cloud Security, Advisory, Infrastructure, Shell Scripting, Security Information and Event Management (SIEM), Risk Analysis, Root Cause Analysis, Linux, Penetration Testing, APIs, Google Kubernetes Engine (GKE), CMC, Communication, Active Directory (AD), Microsoft, Microsoft Identity Manager, Privileged Access Management (PAM), CyberArk, Enterprise Cybersecurity, Akamai, Google Workspace, Computer Networking, TCP/IP, Routing, Windows, Azure Kubernetes Service (AKS), Audits, Palo Alto Networks, Risk Management, Identity & Access Management (IAM), Application Security, ISO 27002, Financial Services, Data Privacy, Forensics, AWS Cloud Security, AWS Cloud Architecture, SaaS, Firewalls, Google Cloud Platform (GCP), Cybersecurity Operations, SOC Compliance, Encryption, Logging, Microsoft Entra

Security Consultant

2010 - 2010
CRYPTO AG
  • Designed and deployed hardened network and security architectures for global military, defense, and government customers. Presented information on infrastructure plans, progress, and resolution of information security gaps to higher management.
  • Executed complex projects and delivered essential security and business requirements by leveraging existing processes, assessing, managing, and reporting risks and issues, and providing mitigation options to key stakeholders.
  • Reinforced information security across all government departments and established a security operations center.
Technologies: Architecture, Cryptography, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, Cybersecurity, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), Network Security, Remote Access Security, NIST, Documentation, Information Security, Networks, Cisco, Database Security, Endpoint Security, Security, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, DevOps, Monitoring, Intrusion Detection Systems (IDS), Group Policy, IT Governance, Data Governance, Governance, GRC, Computer Security, Scaling, Security Management, Risk Assessment, Information Assurance, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, GDPR, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR), IPsec, VPN, Infrastructure, Root Cause Analysis, Google Kubernetes Engine (GKE), Communication, Active Directory (AD), Microsoft, Microsoft Identity Manager, Privileged Access Management (PAM), CyberArk, Enterprise Cybersecurity, Computer Networking, TCP/IP, Routing, Windows, Risk Management, ISO 27002, Financial Services, Insurance, Pharmaceuticals, Telecommunications, Data Privacy, SQL, Forensics, AWS Cloud Security, AWS Cloud Architecture

Remote Access Solution

I developed and designed a global remote access and security project. My responsibilities involved:
• Deploying the business application and handling the distribution for 20 thousand users
• Identifying design and security gaps in the existing and proposed architectures
• Recommending changes and improvements

e-Government Security

I reinforced information security across all government departments and contributed to establishing the security operations center, supporting the business goals. My responsibilities involved:
• Designing and developing hardened network and security architectures
• Presenting infrastructure plans, progress data, and solutions for information security gaps
• Leveraging existing security processes
• Assessing, managing, and reporting risks and issues and providing mitigation options

Security Management Project

I contributed to this project as a consultant in cloud security solutions working on a new cloud offering, infrastructure migration, and implementation of cloud security principles according to the National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), and Cloud Security Alliance (CSA). My responsibilities involved delivering:
• A data loss prevention (DLP) solution
• Content filtering
• Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Endpoint protection
• Log management
• Analytics solutions
2017 - 2019

Master of Science Degree in Cyber Security

University of Liverpool - Liverpool, United Kingdom

MAY 2023 - PRESENT

AWS Solutions Architect Professional

Amazon Web Services

SEPTEMBER 2021 - PRESENT

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JULY 2021 - PRESENT

AWS Certified Security - Specialty

Amazon Web Services (AWS)

JULY 2020 - PRESENT

Aviatrix Certified Engineer Multi-Cloud Network Associate

Aviatrix

FEBRUARY 2020 - FEBRUARY 2023

AWS Certified Solutions Architect Associate

AWS

Libraries/APIs

OpenID

Tools

GitHub, ConfigServer Security & Firewall (CSF), Terraform, GCP Security, Microsoft Power Apps, CloudOps, VPN, OpenVPN, Jira, Confluence, Google Kubernetes Engine (GKE), Microsoft Identity Manager, Google Workspace, Azure Kubernetes Service (AKS), Logging, Amazon EKS

Languages

SQL, SAML, Snowflake

Paradigms

DevSecOps, DevOps, Penetration Testing

Platforms

Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), CrowdStrike, Kubernetes, Linux, Microsoft, Windows

Industry Expertise

Cybersecurity, Telecommunications, Insurance, Network Security, Security Advisory

Storage

Database Security, Google Cloud, Azure Cloud Services, Azure Active Directory

Other

CyberArk, Firewalls, Intrusion Prevention Systems (IPS), SaaS, Architecture, Networking, SIEM, Cryptography, Cloud, Enterprise Risk Management (ERM), AWS Cloud Security, Cloud Security, Security Architecture, IP Networks, Security Engineering, Security, Remote Access Security, IT Security, Compliance, Consulting, ISO 27001, Okta, NIST, Documentation, SecOps, Endpoint Security, FedRAMP, Vulnerability Management, Application Security, Microsoft Azure, Information Security, ISO 27002, Financial Services, Data Privacy, Pharmaceuticals, Identity & Access Management (IAM), Threat Modeling, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Audits, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, Critical Security Controls (CIS Controls), Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OAuth, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), IDS/IPS, Endpoint Detection and Response (EDR), SaaS Security, Infrastructure Security, Network Architecture, Cloud Infrastructure, IPsec, Network Engineering, Cloudflare, AWS Certified Solution Architect, Vulnerability Scanning, Certifications, Data Migration, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Security Information and Event Management (SIEM), Risk Analysis, Root Cause Analysis, Infrastructure as Code (IaC), APIs, CMC, Communication, Active Directory (AD), Privileged Access Management (PAM), Enterprise Cybersecurity, Akamai, Email, Computer Networking, TCP/IP, Routing, Cybersecurity Operations, SOC Compliance, Encryption, Software Development Lifecycle (SDLC), Microsoft Entra, AWS Cloud Architecture, Security Audits, Microsoft 365, Shell Scripting, Forensics, IT Audits, Web Application Firewall (WAF)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring